AWS Security ChangesHomeSearch

AWS config documentation change

Service: config · 2025-03-10 · Documentation low

File: config/latest/developerguide/managed-rules-by-evaluation-mode.md

Summary

Added same new managed rules as in 'managed-rules-by-aws-config.md' including security-related configurations

Security assessment

Lists new security-oriented rules but no evidence of addressing specific security incidents

Diff

diff --git a/config/latest/developerguide/managed-rules-by-evaluation-mode.md
index b52c44071..2bf4ef6aa 100644
--- a/config/latest/developerguide/managed-rules-by-evaluation-mode.md
+++ b/config/latest/developerguide/managed-rules-by-evaluation-mode.md
@@ -365,0 +366,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [connect-instance-logging-enabled](./connect-instance-logging-enabled.html)
+
@@ -533,0 +536,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [ecr-repository-cmk-encryption-enabled](./ecr-repository-cmk-encryption-enabled.html)
+
@@ -637,0 +642,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [elbv2-predefined-security-policy-ssl-check](./elbv2-predefined-security-policy-ssl-check.html)
+
@@ -715,0 +722,6 @@ Currently, all AWS Config rules support detective evaluation.
+  * [glue-spark-job-supported-version](./glue-spark-job-supported-version.html)
+
+  * [guardduty-ec2-protection-runtime-enabled](./guardduty-ec2-protection-runtime-enabled.html)
+
+  * [guardduty-ecs-protection-runtime-enabled](./guardduty-ecs-protection-runtime-enabled.html)
+
@@ -729,0 +742,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [guardduty-runtime-monitoring-enabled](./guardduty-runtime-monitoring-enabled.html)
+
@@ -903,0 +918,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [netfw-subnet-change-protection-enabled](./netfw-subnet-change-protection-enabled.html)
+
@@ -1125,0 +1142,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [sqs-queue-no-public-access](./sqs-queue-no-public-access.html)
+
@@ -1147,0 +1166,2 @@ Currently, all AWS Config rules support detective evaluation.
+  * [transfer-connector-logging-enabled](./transfer-connector-logging-enabled.html)
+